QUESTION 201You need to recommend a solution that meets the company’s application provisioning requirements. What should you recommend?

A. Create a new MEDV workspace.B. Publish a new RemoteApp program.C. Create an application compatibility shim.D. Package a new application by using the AppV Sequencer.

Answer: A

Case Study 14 – Blue Yonder Airlines (QUESTION 202 – QUESTION 208)COMPANY OVERVIEWBlue Yonder Airlines has a main office and four branch offices. Each branch office has six satellite offices. The main office is located in Sydney. The branch offices are located in London, New York, Bangkok, and Istanbul. The main office has 1,000 users. Each branch office has 500 users. Each satellite office has 50 to 100 users.PLANNED CHANGESEach satellite office will have a single server deployed. The servers will have the following server roles installed:– File server– Print server– Read-only Domain Controller (RODC)Each satellite office will have a local support technician who performs the following tasks:– Manages printers.– Manages server backups.– Manages updates on the server.Each support technician will only be permitted to manage the server located in his office.You plan to implement a backup and recovery solution to restore deleted Active Directory objects. The solution must ensure that the attributes of the deleted objects are restored to the same state they were in before they were deleted.You plan to deploy a custom sales application named App2 to the portable computers of all company sales consultants. The setup program of App2 requires local administrative privileges. App2 will be updated monthly.BUSINESS GOALSBlue Yonder Airlines has the following business goals:– Minimize server downtime.– Minimize administrative effort.– Minimize interruptions to users caused by WAN link failures.EXISTING ENVIRONMENTThe network contains servers that run either Windows Server 2008 R2 or Windows Server 2008. All client computers were recently replaced with new computers that run Windows 7 Enterprise.Users do not have local administrator rights on the client computers.Existing Active Directory/Directory ServicesThe network contains a single Active Directory domain named blueyonderairlines.com. The functional level of the domain is Windows Server 2008. All domain controllers run Windows Server 2008.Existing Network InfrastructureAll offices have wired and wireless networks.The main office has a file server that stores large graphics files. The files are used by all of the users in all of the offices.A Group Policy is used to assign an application named App1 to all of the users in the domain.The branch offices contain public computers on which temporary employees can browse the Internet and view electronic brochures. When the employees log on to the public computers, they must all receive the same user settings.App1 must not be installed on the public computers. The computer accounts for all of the public computers are in an organizational unit (OU) name Public.REQUIREMENTSSecurity RequirementsAll computers in the domain must have a domain-level security Group Policy object (GPO) applied.You plan to implement Network Access Protection (NAP) by using switches and wireless access points (WAPs) as NAP enforcement points.The public computers must meet the following security requirements:– Only authorized applications must be run.– Automatic updates must be enabled and applied automatically.– Users must be denied access to the local hard disk drives and the network shares from the public computers.Technical RequirementsThe file server in each branch office is configured as shown in the following table.

Each user is allocated 1 GB of storage on the Users share in their local office.Each user must be prevented from storing files larger than 500 MB on the Data share in their local office.Blue Yonder Airlines must meet the following requirements for managing App2:– Sales consultants must use the latest version of the application.– When a new version of App2 is installed, the previous version must be uninstalled. Sales consultants must be able to run App2 when they are disconnected from the network.

QUESTION 202You need to recommend a strategy for recovering objects deleted from Active Directory that supports the planned changes.What should you include in the recommendation? (Each correct answer presents part of the solution. Choose two.)

QUESTION 203You need to recommend a solution for deploying and managing App2.What should you recommend?

A. Publish App2 as a RemoteApp program.B. Deploy App2 by using a Group Policy logon script.C. Assign App2 by using Group Policy software distribution.D. Publish App2 by using Group Policy software distribution.

Answer: CExplanation:http://support.microsoft.com/kb/816102This step-by-step article describes how to use Group Policy to automatically distribute programs to client computers or users. You can use Group Policy to distribute computer programs by using the following methods:Assigning SoftwareYou can assign a program distribution to users or computers. If you assign the program to a user, it is installed when the user logs on to the computer. When the user first runs the program, the installation is finalized. If you assign the program to a computer, it is installed when the computer starts, and it is available to all users who log on to the computer. When a user first runs the program, the installation is finalized.Publishing SoftwareYou can publish a program distribution to users. When the user logs on to the computer, the published program is displayed in the Add or Remove Programs dialog box, and it can be installed from there.

QUESTION 204You need to recommend a NAP enforcement method that meets the company’s security requirements. Which method should you recommend?

A. 802.1XB. DHCPC. IPSecD. VPN

Answer: A

QUESTION 205You need to recommend a solution for managing the public computers in the branch offices.What should you recommend?

A. Create a GPO that is linked to the domain and configure security filtering for the GPO.B. Create a GPO that is linked to the Public OU and configure security filtering for the GPO.C. Create a GPO that is linked to the Public OU and enable loopback processing in the GPO.D. Create a GPO that is linked to the domain and enable block inheritance on the Public OU.

Answer: CExplanation:http://support.microsoft.com/?id=231287Group Policy applies to the user or computer in a manner that depends on where both the user and the computer objects are located in Active Directory. However, in some cases, users may need policy applied to them based on the location of the computer object alone. You can use theGroup Policy loopback feature to apply Group Policy Objects (GPOs) that depend only on which computer the user logs on to.http://technet.microsoft.com/en-us/windowsserver/cc817587Managing Terminal ServicesWhat is loopback processing?Group Policy loopback processing can be used to alter the application of GPOs to a user by including GPOs based on the location of the computer object. The typical way to use loopback processing is to apply GPOs that depend on the computer to which the user logs on.

QUESTION 206You need to recommend an administrative solution for the local support technicians in the satellite offices. The solution must meet the company’s security requirements.What should you include in the recommendation?

Answer: BExplanation:http://technet.microsoft.com/en-us/library/cc753170%28WS.10%29.aspxThis topic explains how you can use Administrator Role Separation (ARS) on a read-only domain controller (RODC) to delegate RODC administration to a user who is not a member of the DomainAdmins group.One problem encountered by administrators of domain controllers in perimeter networks is that domain controllers typically have to be set up and administered by domain administrators.Administrative operations, such as applying software updates, performing an offline defragmentation, or backing up the system, cannot be delegated.With the introduction of RODCs, domain administrators can delegate both the installation and the administration of RODCs to any domain user, without granting them any additional rights in the domain. The ability to perform this delegation is called ARS.

QUESTION 207You need to recommend a solution to ensure that users in the London office can access the graphics files in the main office. The solution must meet the company’s business goals.What should you recommend?

Case Study 15 – Proseware, Inc (QUESTION 209 – QUESTION 215)COMPANY OVERVIEWProseware, Inc. is a publishing company that has a main office and a branch office. The main office is located in New York. The branch office is located in Sydney. The main office has 5,000 users. The branch office has 1,000 users.PLANNED CHANGESProseware plans to deploy a new 64-bit application named App2 to 10 users in the branch office. Only members of the local Administrators group can run App2.Proseware is evaluating whether to deploy virtual desktop pools. The virtual desktop pools must meet the following requirements:– Apply the settings in GPO1 to the virtual machines (VMs).– Prevent the VMs from receiving the Automatic Updates settings from GPO2.– Ensure that only the host VM is affected if a virtual hard disk (VHD) file becomes corrupt.– Minimize the amount of storage used to support the VMs.– Minimize the amount of memory and CPU resources used by the VMs.– Minimize administrative effort.EXISTING ENVIRONMENTAll servers run either Windows Server 2008 or Windows Server 2008 R2. All of the client computers in the main office run Windows 7. All of the client computers in the branch office run Windows XP (x86) with Service Pack 3 (SP3).All of the client computers in the main office are configured as Microsoft Enterprise Desktop Visualization (MED-V) and Microsoft Application Virtualization (App-V) clients.A two-node Hyper-V cluster is deployed in the main office. The cluster uses Clustered Shared Volumes.Existing Active Directory/Directory ServicesThe network contains a single Active Directory domain named proseware.com. The functional level of the forest is Windows Server 2008.The relevant organizational units (OUs) for the domain are configured as shown in the following table.

A custom Group Policy object (GPO) named GPO1 is linked to the domain, GPO1 contains corporate computer security settings.A custom GPO named GPO2 is linked to both office OUs. GPO2 contains Windows Server Update Services (WSUS) settings.Existing Network InfrastructureEach office has servers that have the following server roles or role services installed:– WSUS– Hyper-V– File Services– Remote Desktop Web Access (RD Web Access)– Remote Desktop Session Host (RD Session Host)– Remote Desktop Virtualization Host (RD Virtualization Host)– Remote Desktop Connection Broker (RD Connection Broker)REQUIREMENTSTechnical RequirementsWhen users interactively logs on to any of the client computers in the branch office, they must automatically receive the local administrator rights to that computer. When users logs off, they must lose the administrator rights.The disk space on all file servers must be monitored. If any file server has less than 20% free disk space on a volume, a script must run that deletes temporary files.Problem StatementsThe main office has a shared folder named Legal. The Legal share is only accessed by users in the legal department. Legal department users report that it takes a long time to locate files in the Legal share by using keyword searches.

QUESTION 209You need to recommend a monitoring solution for the file server that meets the technical requirements. What should you include in the recommendation?

QUESTION 210You need to recommend a solution for deploying App2.What should you recommend?

A. Deploy a new AppV package that contains App2. Stream the package to the client computers of the 10 users.B. Deploy a new MEDV workspace that contains App2. Deploy the workspace to the client computers of the 10 users.C. On an RD Session Host server in the branch office, install and publish App2 by using RemoteApp. Deploy the RemoteApp program as an MSI file.D. On an RD Virtualization Host server in the branch office, create 10 Windows 7 VMs that contain App2. Configure the new VMs as personal virtual desktops.